Modern Tools for the Modern Investigation
Data Breach and Privacy Loss
A data breach is a type of computer or network security incident that involves the release of any secure information to an untrusted environment or unauthorized person, whether intentional or unintentional. This information could include credit card or bank details, personal health information, personally identifiable information, intellectual property, or important business trade secrets.
There are many ways that data breaches can occur. In today's world, most data breaches happen with the use of computers and technology. Some common ways that a breach happens includes:
- Theft or loss of items such as computer disks, hard drives, laptops that contain unecrypted files with important information.
- Putting private information on the internet without following proper information security precautions
- Transferring information to unrealiable systems that do not meet approved levels accreditation (an example would be an unecrypted email)
- Transferring information to a potentially hostile source, such as a business competitor or a foreign nation.
What constitutes a "trusted environment"?
One of the key components of the definition of data breach is that the person or environment that receives the data is considered untrustworthy. But what makes the receiver untrustworthy?
The definition of a trusted environment or individual varies from case to case, but generally, it is a simple matter of common sense. For example, it would be a bad idea for a business to send sensitive information to a lower level employee who might not be around the company for long. However, long term staff members with demonstrated loyalty to the company could certainly be privy to such information.
In any case, whenever a person who had access to sensitive company information departs the company, it is extremely important to terminate that access to avoid a potential data breach.
What are the consequences of a data breach?
Lapses in computer security can have dire consequences. The first consequences that one must consider during a data breach are the privacy issues, both individual and company-wide. A lot of the most publicized data breaches involve the theft of private information such as social security numbers. Because of this, many people whose companies suffer data breaches could become victims of identity theft.
Spyware and Malware
Malware (short for malicious software), is a type of software created by hackers or other online criminals used to gain access to private computers and either obtain sensitive information or disrupt the systems operations. It is most generally used to refer to any hostile software and can be found in code, scripts, active content or any other software. READ MORE
IT Vulnerability Assessment
Identification and remediation of network vulnerabilities is ensures network security and protection against unauthorized access. Vulnerability management identifies vulnerabilities, evaluates and remediates the risk. This process allows for efficient detection of vulnerabilities and improves network security. Our experts test for network security weaknesses while providing suggestions for improvement. Testing allows client management to be confident knowing what vulnerabilities may exist and provide the opportunity to develop a plan to address any issues. READ MORE
Learn more about McCann Cases below:
In this case, McCann digital forensic investigators were retained by a medical clinic who believed that “a hacker had obtained medical information of our clients.” They were also not sure that the data breach had been stopped, or if more information had been leaked. READ MORE
In this case, McCann digital forensic investigators were retained by a toll road to determine the extent of a data breach potentially impacting hundreds of thousands of users of a major toll road. READ MORE
In this case, McCann investigators were contacted to investigate the “hacking” of a high profile executive’s personal email account. The contents of the email account included personal photos, some of which were sexual in nature and would be considered damaging. READ MORE
A law firm had been contacted a few weeks prior with an extortion threat detailing with the disclosure of their private email communications. The extortionist, claiming to be an Eastern European hacker, disclosed that they had gathered three years of emails between the firm’s attorneys and clients and were going to publish them online unless the firm paid them $200K. READ MORE